09-01-2025 11:25 PM
Dear all,
I have a certificate issued by the CA.
Now this certificate is for Palo Alto machine at a customer site. We don’t have access to those devices.
Now the manager asked to me first use OpenSSL tool to generate a Private key and test the certificate for SSL/TLS service profile on our own device and make sure the certificate is working.
Now when I use the OpenSSL to generate a combined certificate and key together.
when I upload the final combined cert with the .crt and .pem file into the Palo Alto machine I does not upload first and second it doesn’t appear under the SSL/TLS profile.
can anyone help me fix the issue please.
i really need support because we need to use the certificate tmrw at the customer site.
Thank you.
Best Regards,
Shah.
09-04-2025 05:17 AM
Hi @m.shah.alizada2000 ,
Can you give more details on the upload process ?
Are you getting any errors/logs while trying to upload the file ?
I've seen these kind of problem happening when a wrong format was used.
When key and certificate are combined into one file make sure you're using the PKCS12 format:
Source: https://docs.paloaltonetworks.com/ngfw/administration/certificate-management/certificate-deployment/...
Hope this helps,
-Kim.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
